
#1034 /bin/install and /bin/install-info fail on Vista

MSYS
closed-fixed
MSYS (75)
Vista_Issue
2013-01-18
2007-05-02
Mark Bourne
No

/bin/install and /bin/install-info result in a "Permission denied" error on Vista.

Vista uses heuristics based, amongst other things, on the executable name to detect install programs. Having "install" in the names of these executables causes Vista to think they need Administrative privileges to run, and so results in a "Permission denied" error when they are called without Administrative privileges.

This can be fixed by including the attached install.exe.manifest and install-info.exe.manifest in the /bin/ directory. These files override Vista's heuristics and tell it that the corresponding executables actually don't need Administrative privileges.
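A sketch of how a packager could find executables affected by this and give each one a sidecar manifest. It is an added example, not the attached files or MSYS project code. The trigger substrings are the two recalled later in the discussion, and the manifest body (including its `assemblyIdentity` values) is an assumed conventional `asInvoker` manifest. The check only looks for sidecar files, not manifests embedded as resources.

```python
import tempfile
from pathlib import Path

# Name substrings recalled in the thread as triggering installer detection;
# the full list Vista uses is not given on this page.
TRIGGER_SUBSTRINGS = ("instal", "setup")

# Conventional UAC manifest asking to run at the caller's privilege level.
# Assumed equivalent of the attached files, not a copy of them.
MANIFEST_TEMPLATE = """<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="{name}" type="win32"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>
"""

def needs_manifest(bin_dir):
    """Return .exe files whose name contains a trigger substring and
    that have no <name>.exe.manifest file beside them."""
    hits = []
    for exe in sorted(Path(bin_dir).glob("*.exe")):
        triggered = any(s in exe.name.lower() for s in TRIGGER_SUBSTRINGS)
        sidecar = exe.with_name(exe.name + ".manifest")
        if triggered and not sidecar.exists():
            hits.append(exe)
    return hits

def write_manifests(bin_dir):
    """Write an asInvoker sidecar manifest for each flagged executable."""
    written = []
    for exe in needs_manifest(bin_dir):
        sidecar = exe.with_name(exe.name + ".manifest")
        text = MANIFEST_TEMPLATE.format(name=exe.stem)
        sidecar.write_text(text, encoding="utf-8")
        written.append(sidecar.name)
    return written

def demo():
    """Run against a constructed directory standing in for /bin/."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("install.exe", "install-info.exe", "ls.exe"):
            (Path(d) / name).write_bytes(b"")
        return write_manifests(d), needs_manifest(d)
```

`demo()` returns the manifests written for the constructed directory and the list of executables still lacking one afterwards.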

Discussion

  • Mark Bourne

    Mark Bourne - 2007-05-02

    Manifest file to tell Vista that install.exe does not require Administrative privileges to run

     
  • Mark Bourne

    Mark Bourne - 2007-05-02

    Manifest file to tell Vista that install-info.exe does not require Administrative privileges to run

     
  • Mark Bourne

    Mark Bourne - 2007-05-02

    Logged In: YES
    user_id=1497373
    Originator: YES

    Uploaded install-info.exe.manifest
    File Added: install-info.exe.manifest

     
  • Mark Bourne

    Mark Bourne - 2007-05-02

    Logged In: YES
    user_id=1497373
    Originator: YES

    I should have added... I understand there is a way of including these manifest files as resources within the .exe's themselves, which would avoid the need for the separate files. I'm not sure of how to do this though, nor whether it is possible without using MS tools. In any case, including them as separate files alongside the .exe's works.

    By the way:
    $ uname -a
    MINGW32_NT-6.0 MBOURNE 1.0.10(0.46/3/2) 2004-03-15 07:17 i686 unknown
    in case that is relevant.

     
  • Earnie Boyd

    Earnie Boyd - 2007-05-03

    Logged In: YES
    user_id=15438
    Originator: NO

    Is there a feature to turn off the insane heuristic?

    "... you have come to a sad realization."

     
  • Keith Marshall

    Keith Marshall - 2007-05-03

    Logged In: YES
    user_id=823908
    Originator: NO

    Yeah, I saw this discussed on one of the Cygwin lists, a while back; IIRC, there were a number of strings, which if they appeared *anywhere* in the command name, would block that command from execution by any user without admin privilege. Among them were "*setup*" and "*instal*", (one "l" sufficient); I think there were others, which I can't remember now.

    Speaks volumes for the inherently crap design of Vista's security model, when they have to rely on such insane heuristic techniques to implement what should be file system level security; indeed, any algorithm based on heuristics should probably be classed as "broken by design".

    I think the Cygwin folks concluded that the only way around this BS was to install the appropriate manifest files. (My solution, of course, would be to run Linux, and forget about Vista forever :) Sadly, there will be too many lemmings, only too willing to throw their money into Microsoft's coffers, in return for nothing beyond the satisfaction of contributing further to Bill's ever increasing wealth).

     
  • Cesar Strauss

    Cesar Strauss - 2007-05-03

    Logged In: YES
    user_id=1369729
    Originator: NO

    Thanks, Mark. I will include the manifest files in the next MSYS release.

    Regards,
    Cesar

     
  • Mark Bourne

    Mark Bourne - 2007-05-03

    Logged In: YES
    user_id=1497373
    Originator: YES

    The heuristics can be turned off on Business and Ultimate editions of Vista through the "Local Security Policy" found under Administrative Tools. Look under "Local Policies / Security Options / User Account Control: Detect application installations and prompt for elevation". I don't think the security policy editor is included in home editions, but there should be a registry hack which would have the same effect.

    As I understand it, the heuristics are not designed to improve security by preventing these programs from running, but to allow legacy installers (which require access to Program Files etc. but don't "know" how to use UAC to ask for admin access themselves) to work in Vista by elevating them. It's part of the compatibility stuff to help old programs which don't know about Vista's security to work with it.

     
  • Cesar Strauss

    Cesar Strauss - 2008-07-11
    • status: open --> closed-fixed
     
  • Earnie Boyd

    Earnie Boyd - 2013-01-18
    • assigned_to: Cesar Strauss
    • category: --> Vista_Issue
    • milestone: Vista_Issue --> MSYS